Virus raila odinga
albright
-
Narco!4 Messages postés 2446 Statut Contributeur -
Narco!4 Messages postés 2446 Statut Contributeur -
Bonjour,
info.txt logfile of random's system information tool 1.06 1988-01-01 00:41:53
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
AirPlus XtremeG-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{79B92240-9C65-4DD7-B1AD-59910D2C1353} /l1036
ANIO Service-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe"
ANIWZCS2 Service-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Comptabilité-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93A837CB-5919-4BBA-B1AE-2E42F0E00794}\setup.exe" -l0x40c
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Micro Application - MediaDICO-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\MediaDICO\Uninst.isu"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Nero 8-->MsiExec.exe /X{9EDBB857-8028-49CD-B9C9-0B4D10CD1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Petit Larousse 2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{495D3648-1D6B-4B71-B174-6A2452FFF8CD}\setup.exe" -l0x40c
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Ralink Wireless LAN Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x9 -removeonly
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
======Security center information======
AV: AVG Internet Security 3-pack
FW: AVG Firewall
======System event log======
Computer Name: PRIVE-0736613E2
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.
Record Number: 6020
Source Name: Service Control Manager
Time Written: 20090804085024.000000+060
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.
Record Number: 6019
Source Name: Service Control Manager
Time Written: 20090804085017.000000+060
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{E0C90DB4-44B9-4E34-B6CB-1CA4C08C0E2A} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 6018
Source Name: Tcpip
Time Written: 20090804085017.000000+060
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 7036
Message: Le service HTTP SSL est entré dans l'état : en cours d'exécution.
Record Number: 6017
Source Name: Service Control Manager
Time Written: 20090804085017.000000+060
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service HTTP SSL.
Record Number: 6016
Source Name: Service Control Manager
Time Written: 20090804085017.000000+060
Event Type: Informations
User: AUTORITE NT\SERVICE LOCAL
=====Application event log=====
Computer Name: PRIVE-0736613E2
Event Code: 100
Message: wuauclt (2620) Le moteur de base de données 5.01.2600.2180 est démarré.
Record Number: 441
Source Name: ESENT
Time Written: 20090109101433.000000+000
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 0
Message:
Record Number: 440
Source Name: NMIndexingService
Time Written: 20090109101355.000000+000
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 439
Source Name: SecurityCenter
Time Written: 20090109101348.000000+000
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 0
Message:
Record Number: 438
Source Name: Nero BackItUp Scheduler 3
Time Written: 20090109101343.000000+000
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur PRIVE-0736613E2\Robert alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.
Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.
Record Number: 437
Source Name: Userenv
Time Written: 20090108233436.000000+000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 9 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=0905
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 1988-01-01 00:41:53
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
AirPlus XtremeG-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{79B92240-9C65-4DD7-B1AD-59910D2C1353} /l1036
ANIO Service-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe"
ANIWZCS2 Service-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Comptabilité-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93A837CB-5919-4BBA-B1AE-2E42F0E00794}\setup.exe" -l0x40c
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Micro Application - MediaDICO-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Micro Application\MediaDICO\Uninst.isu"
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Nero 8-->MsiExec.exe /X{9EDBB857-8028-49CD-B9C9-0B4D10CD1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Petit Larousse 2004-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{495D3648-1D6B-4B71-B174-6A2452FFF8CD}\setup.exe" -l0x40c
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Ralink Wireless LAN Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x9 -removeonly
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
======Security center information======
AV: AVG Internet Security 3-pack
FW: AVG Firewall
======System event log======
Computer Name: PRIVE-0736613E2
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.
Record Number: 6020
Source Name: Service Control Manager
Time Written: 20090804085024.000000+060
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 7036
Message: Le service Explorateur d'ordinateur est entré dans l'état : arrêté.
Record Number: 6019
Source Name: Service Control Manager
Time Written: 20090804085017.000000+060
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 4201
Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{E0C90DB4-44B9-4E34-B6CB-1CA4C08C0E2A} était connectée au réseau,
et a lancé une opération normale sur la carte réseau.
Record Number: 6018
Source Name: Tcpip
Time Written: 20090804085017.000000+060
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 7036
Message: Le service HTTP SSL est entré dans l'état : en cours d'exécution.
Record Number: 6017
Source Name: Service Control Manager
Time Written: 20090804085017.000000+060
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service HTTP SSL.
Record Number: 6016
Source Name: Service Control Manager
Time Written: 20090804085017.000000+060
Event Type: Informations
User: AUTORITE NT\SERVICE LOCAL
=====Application event log=====
Computer Name: PRIVE-0736613E2
Event Code: 100
Message: wuauclt (2620) Le moteur de base de données 5.01.2600.2180 est démarré.
Record Number: 441
Source Name: ESENT
Time Written: 20090109101433.000000+000
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 0
Message:
Record Number: 440
Source Name: NMIndexingService
Time Written: 20090109101355.000000+000
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 439
Source Name: SecurityCenter
Time Written: 20090109101348.000000+000
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 0
Message:
Record Number: 438
Source Name: Nero BackItUp Scheduler 3
Time Written: 20090109101343.000000+000
Event Type: Informations
User:
Computer Name: PRIVE-0736613E2
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur PRIVE-0736613E2\Robert alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.
Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.
Record Number: 437
Source Name: Userenv
Time Written: 20090108233436.000000+000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 9 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=0905
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
A voir également:
- Virus raila odinga
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
